team-polish
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection where malicious instructions embedded in the feature or area being analyzed could hijack the sub-agents' behavior. Since the sub-agents have access to powerful tools like Bash and file editing, this poses a risk of unauthorized command execution or data modification.
  - Ingestion points: The `[feature or area to polish]` argument is used as a direct input to define the context for the `performance-analyst`, `technical-artist`, `sound-designer`, and `qa-tester` sub-agents.
  - Boundary markers: The instructions do not define any delimiters (e.g., XML tags or triple quotes) or specific 'ignore embedded instructions' warnings when passing external content to the sub-agents.
  - Capability inventory: The skill and its sub-agents are granted access to a wide range of sensitive tools, including `Bash` (for profiling and optimization), `Task` (for recursive sub-agent spawning), `Write`, `Edit`, and `TodoWrite`.
  - Sanitization: There is no evidence of input validation, escaping, or filtering of the user-provided feature path or content before it is processed by the agent pipeline.
Audit Metadata